Package Exports

@rbxts/jwt
@rbxts/jwt/out/init.lua

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@rbxts/jwt) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

`jwt-luau`

LuaU/roblox-ts fork of x25/luajwt that works with Roblox. Currently only supports symmetric HS(256/384/512).

Wrote this to verify Metrik tokens in our SDK. This is not a full implementation of the JWT spec, but it should be enough for most use cases.

Installation

via `roblox-ts`

npm install @rbxts/jwt

via Wally

jwt = "metrik-tech/jwt@0.2.1"

via `rbxm`/`rbxmx`

Download from Releases page. Latest release can be found here

Usage

TypeScript

import { decode, verify, sign } from "@rbxts/jwt";

// sign jwt
const jwt = sign({ foo: "bar", exp: 1893481200 }, "secret");

// sign jwt with algorithm
const hs483jwt = sign({ foo: "bar", exp: 1893481200 }, "secret", "HS384");

// verify jwt
const isValid = verify(jwt, "secret");

// verify jwt and throw
const throwIfInvalid = verify(jwt, "secret", true);

// decode jwt
const decoded = decode(jwt);

// decode jwt with verification (throws)
const validDecoded = decode(jwt, "secret", true)

Lua

local Jwt = require(path.to.jwt)

-- sign jwt
local jwt = Jwt.sign({ foo = "bar", exp = 1893481200 }, "secret")

-- sign jwt with algorithm
local hs384jwt = Jwt.sign({ foo = "bar", exp = 1893481200 }, "secret", "HS384")

-- verify jwt
local isValid = Jwt.verify(jwt, "secret")

-- verify jwt and throw
local throwIfInvalid = Jwt.verify(jwt, "secret", true)

-- decode jwt
local decoded = Jwt.decode(jwt)

-- decode jwt with verification (throws)
local validDecoded = decode(jwt, "secret", true)

@rbxts/jwt